Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

podman run does not honour --authfile. Unable to pull and run in one step for private registry #3730

Closed
s4s0l opened this issue Aug 5, 2019 · 2 comments · Fixed by #3737
Closed

podman run does not honour --authfile. Unable to pull and run in one step for private registry #3730

s4s0l opened this issue Aug 5, 2019 · 2 comments · Fixed by #3737
Assignees
@QiWang19
Labels
kind/bug Categorizes issue or PR as related to a bug. locked - please file new issue/PR Assist humans wanting to comment on an old issue or PR with locked comments.

Comments

@s4s0l
Copy link

s4s0l commented Aug 5, 2019

Is this a BUG REPORT or FEATURE REQUEST? (leave only one on its own line)

/kind bug

Description

--authfile switch / REGISTRY_AUTH_FILE / file in /etc/containers/auth.json does not seem to work for podman run.

Steps to reproduce the issue:

  1. podman login --authfile /etc/containers/auth.json my-repo
  2. podman pull my-repo/image:tag
    unauthorized: access to the requested resource is not authorized
  3. podman run my-repo/image:tag
    unauthorized: access to the requested resource is not authorized
  4. export REGISTRY_AUTH_FILE=/etc/containers/auth.json
  5. podman run my-repo/image:tag
    unauthorized: access to the requested resource is not authorized
  6. podman pull my-repo/image:tag
    unauthorized: access to the requested resource is not authorized
  7. `podman run --authfile /etc/containers/auth.json'
    unauthorized: access to the requested resource is not authorized
  8. `podman pull --authfile /etc/containers/auth.json'
    THIS WORKS!!

Describe the results you received:
described above.

Describe the results you expected:

  • All commands should by default look into `/etc/containers/auth.json'.
  • All commands should honour REGISTRY_AUTH_FILE environment variable
  • podman run should honour '--authfile' option

Additional information you deem important (e.g. issue happens only occasionally):
In registries.conf i have registries.search block replaced to point to my company private repo. This happens when i try to run container with fqn like my-repo/image:tag or just image:tag.

Output of podman version:

Version:            1.4.4
RemoteAPI Version:  1
Go Version:         go1.10.3
OS/Arch:            linux/amd64

Output of podman info --debug:

debug:
  compiler: gc
  git commit: ""
  go version: go1.10.3
  podman version: 1.4.4
host:
  BuildahVersion: 1.9.0
  Conmon:
    package: podman-1.4.4-2.el7.centos.x86_64
    path: /usr/libexec/podman/conmon
    version: 'conmon version 0.3.0, commit: unknown'
  Distribution:
    distribution: '"centos"'
    version: "7"
  MemFree: 83435520
  MemTotal: 510849024
  OCIRuntime:
    package: runc-1.0.0-64.rc8.el7.centos.x86_64
    path: /usr/bin/runc
    version: 'runc version spec: 1.0.1-dev'
  SwapFree: 2147209216
  SwapTotal: 2147479552
  arch: amd64
  cpus: 1
  hostname: localhost.localdomain
  kernel: 3.10.0-957.27.2.el7.x86_64
  os: linux
  rootless: false
  uptime: 56m 0.94s
registries:
  blocked: null
  insecure: null
  search:
  - my-company.com
  - my-company-releases.com
store:
  ConfigFile: /etc/containers/storage.conf
  ContainerStore:
    number: 0
  GraphDriverName: overlay
  GraphOptions: null
  GraphRoot: /var/lib/containers/storage
  GraphStatus:
    Backing Filesystem: xfs
    Native Overlay Diff: "true"
    Supports d_type: "true"
    Using metacopy: "false"
  ImageStore:
    number: 0
  RunRoot: /var/run/containers/storage
  VolumePath: /var/lib/containers/storage/volumes

Additional environment details (AWS, VirtualBox, physical, etc.):
virtualbox.
@openshift-ci-robot openshift-ci-robot added the kind/bug Categorizes issue or PR as related to a bug. label Aug 5, 2019
@TomSweeneyRedHat
Copy link
Member

@QiWang19 PTAL

@QiWang19 QiWang19 mentioned this issue Aug 6, 2019
Merged
@bovem
Copy link

bovem commented Feb 21, 2022

Maybe the --authfile option has to be placed before image name.
podman run -d --authfile=auth.json --name <container-name> <container-image-name> worked for me.

@github-actions github-actions bot added the locked - please file new issue/PR Assist humans wanting to comment on an old issue or PR with locked comments. label Sep 20, 2023
@github-actions github-actions bot locked as resolved and limited conversation to collaborators Sep 20, 2023
Sign up for free to subscribe to this conversation on GitHub. Already have an account? Sign in.
Assignees

@QiWang19 QiWang19

Labels
kind/bug Categorizes issue or PR as related to a bug. locked - please file new issue/PR Assist humans wanting to comment on an old issue or PR with locked comments.
Projects
None yet
Milestone
No milestone
Development

Successfully merging a pull request may close this issue.

fix create&run getting --authfile from cli QiWang19/podman
5 participants
@s4s0l @QiWang19 @TomSweeneyRedHat @bovem @openshift-ci-robot